PatchSiren

priyanshuchaudhary CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM priyanshuchaudhary CVE published 2026-07-10

CVE-2026-12400

The FlowForms – Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference, allowing authenticated attackers with contributor-level access to modify forms, including those owned by administrators, by supplying an arbitrary form ID in the REST URL. This vulnerability has a CVSS score of 4.3 and is classified as MEDIUM severity. The plugin's vulnerability allows for p [truncated]